登录查看更多内容

HotPage browser injector capable of replacing web content and redirecting users

ESET Nigeria

Progress Protected

发布日期: 2024年7月23日

+ 关注

HotPage browser injector is capable of replacing web content and opens the system to other vulnerabilities.

ESET Research has discovered a sophisticated browser injector:

ESET Research has discovered a sophisticated browser injector ESET dubbed HotPage.

It is a signed, vulnerable, ad-injecting driver.

The threat poses as a security product that blocks advertisements; however, it introduces even more ads.

HotPage can replace the content of the current page, redirect the user, or simply open a new tab to a website full of gaming ads.

The threat leaves the door open for other threats to run code at the highest privilege level available in the Windows operating system.

Click here to read more

要查看或添加评论，请登录

ESET Nigeria的更多文章

2025年1月29日

Going (for) broke: 6 common online betting scams and how to avoid them

Online gambling is big business. Topping revenue of $84bn in 2023, the business of online casinos, virtual poker and…
2025年1月10日

State-aligned APT groups are increasingly deploying ransomware – and that’s bad news for everyone

The blurring of lines between cybercrime and state-sponsored attacks underscores the increasingly fluid and…

1 条评论
2025年1月7日

AI moves to your PC with its own special hardware

Seeking to keep sensitive data private and accelerate AI workloads? Look no further than AI PCs powered by Intel Core…
2024年9月23日

AI security bubble already springing leaks

Artificial intelligence is just a spoke in the wheel of security – an important spoke but, alas, only one. That was…
2024年8月15日

Top 6 Craigslist scams: Don’t fall for these tricks

Here’s how to spot and dodge scams when searching for stuff on the classified ads website that offers almost everything…
2024年8月8日

How Minecraft and game modding can undermine your security

ESET Research has revealed a concerning fact — gamers are being targeted by cybercriminals, and it’s no mystery why…
2024年8月6日

Annoying but necessary: How to decrease the burden of authentication requirements

Authentication mechanisms are a vital aspect of cybersecurity deserving adequate protection, but increasing complexity…
2024年7月29日

Building cyber-resilience: Lessons learned from the CrowdStrike incident

Organizations, including those that weren’t struck by the CrowdStrike incident, should resist the temptation to…
2024年7月24日

Cursed tapes: Exploiting the EvilVideo vulnerability on Telegram for Android

ESET researchers discovered a zero-day Telegram for Android exploit that allows sending malicious files disguised as…
2024年7月23日

Beyond the blue screen of death: Why software updates matter

The widespread IT outages triggered by a faulty CrowdStrike update have put software updates in the spotlight. Here’s…

See all articles

社区洞察

Game Development

How can you test and debug game security and anti-cheat measures?
Front-end Development

What are the best practices for storing and sending JWT tokens in the browser?
Gaming Industry

What are the most effective strategies for ensuring game security during development and distribution?
Operating Systems

How can you choose between a recovery partition or a recovery disk?
Communication Systems

How can you securely boot an LTE device?
Hardware Diagnostics

How do you enable or disable secure boot in Windows 10?
Web3

You want to create a secure token. What are the vulnerabilities you need to avoid?
Application Security

How do you balance the security and usability of CSRF tokens?
Game Development

What are the most important online game security measures for game development?
Mobile Technology

How do you keep mobile game data and users secure?

其他会员也浏览了

August ’22 a bumper month for high-impact vulnerabilities

Julio Marchi 2 年
Indian govt warns Google Chrome, Android users about high-risk issues.

Sulbha Tiwari 5 个月
Protecting Your Kids On Windows Devices: A Step-by-Step Guide ????

Abidemi Ajiboye 10 个月
Notice: Mac Users Beware of AMOS Malware Disguised as Safari and Chrome Updates!

Golden Arrow Digital Solution 1 年
One Million Devices Infected: Hackers Use Malvertising and GitHub to Spread Infostealers

X Cyber Group (XCyber?) 2 周
The 0.0.0.0 Day Browser Flaw

Foresight Cyber 7 个月
If it is stupid but it works, it is not stupid

Kostya Vasilkov 1 年
Update Your Firefox Now – Discovered Zero-Day Vulnerability

XEye Security 5 个月
Enterprise Grade Security VPN Software For Windows

Ricardo M. 7 年
...We told you so

Ruvenss G. 5 年

ESET Nigeria的更多文章

Going (for) broke: 6 common online betting scams and how to avoid them

State-aligned APT groups are increasingly deploying ransomware – and that’s bad news for everyone

AI moves to your PC with its own special hardware

AI security bubble already springing leaks

Top 6 Craigslist scams: Don’t fall for these tricks

How Minecraft and game modding can undermine your security

Annoying but necessary: How to decrease the burden of authentication requirements

Building cyber-resilience: Lessons learned from the CrowdStrike incident

Cursed tapes: Exploiting the EvilVideo vulnerability on Telegram for Android

Beyond the blue screen of death: Why software updates matter

社区洞察

其他会员也浏览了

August ’22 a bumper month for high-impact vulnerabilities

Indian govt warns Google Chrome, Android users about high-risk issues.

Protecting Your Kids On Windows Devices: A Step-by-Step Guide ????

Notice: Mac Users Beware of AMOS Malware Disguised as Safari and Chrome Updates!

One Million Devices Infected: Hackers Use Malvertising and GitHub to Spread Infostealers

The 0.0.0.0 Day Browser Flaw

If it is stupid but it works, it is not stupid

Update Your Firefox Now – Discovered Zero-Day Vulnerability

Enterprise Grade Security VPN Software For Windows

...We told you so